Apparatus and method to perform synchronization services in a switch

ABSTRACT

Switching architectures to manage mutex primitives used to control access to objects or data blocks that are being processed by two or more microservices in a data center are provided.

BACKGROUND

Cloud computing provides access to servers, storage, databases, and abroad set of application services over the Internet. A cloud serviceprovider offers cloud services such as network services and businessapplications that are hosted in servers in one or more data centers thatcan be accessed by companies or individuals over the Internet.Hyperscale cloud-service providers typically have hundreds of thousandsof servers. Each server in a hyperscale cloud includes storage devicesto store user data, for example, user data for business intelligence,data mining, analytics, social media and micro-services. The cloudservice provider generates revenue from companies and individuals (alsoreferred to as tenants) that use the cloud services.

Disaggregated computing or Composable Disaggregated Infrastructure (CDI)is an emerging technology that makes use of high bandwidth, low-latencyinterconnects to aggregate compute, storage, memory, and networkingfabric resources into shared resource pools that can be provisioned ondemand.

BRIEF DESCRIPTION OF THE DRAWINGS

Features of embodiments of the claimed subject matter will becomeapparent as the following detailed description proceeds, and uponreference to the drawings, in which like numerals depict like parts, andin which:

FIG. 1 is a simplified diagram of at least one embodiment of a datacenter for executing workloads with disaggregated resources;

FIG. 2 is a simplified diagram of at least one embodiment of a systemthat may be included in a data center;

FIG. 3 is a simplified block diagram of at least one embodiment of a topside of a node;

FIG. 4 is a simplified block diagram of at least one embodiment of abottom side of a node;

FIG. 5 is a simplified block diagram of at least one embodiment of acompute node;

FIG. 6 is a simplified block diagram of at least one embodiment of anaccelerator node usable in a data center;

FIG. 7 is a simplified block diagram of at least one embodiment of astorage node usable in a data center;

FIG. 8 is a simplified block diagram of at least one embodiment of amemory node usable in a data center;

FIG. 9 depicts a system for executing one or more workloads;

FIG. 10 depicts an example system;

FIG. 11 shows an example system;

FIG. 12 is a simplified block diagram of a system that includes a switchand nodes that may be included in the data center shown in FIG. 1;

FIG. 13 illustrates an example of an object management rules entry inthe object management rules in the object management controller in theswitch;

FIG. 14 illustrates an example of a request tracker entry in the requesttracker in object management controller in the switch;

FIG. 15 illustrates an example of a mutex tracker entry in the mutextracker in the switch;

FIG. 16 illustrates an example of a synchronous secured VLAN entry inthe synchronous secured VLAN in the switch; and

FIG. 17 is a flow graph illustrating a method performed in the switch toprocess a request received from a node for a mutex for an object.

Although the following Detailed Description will proceed with referencebeing made to illustrative embodiments of the claimed subject matter,many alternatives, modifications, and variations thereof will beapparent to those skilled in the art. Accordingly, it is intended thatthe claimed subject matter be viewed broadly, and be defined only as setforth in the accompanying claims.

DESCRIPTION OF EMBODIMENTS

High speed networks are essential for supporting business, providingcommunication, and delivering entertainment. To increase network speed,Cloud service providers (CSPs) are evolving their hardware platforms byoffering central processing units (CPUs), general purpose graphicsprocessing units (GPGPUs), custom XPUs, and pooled storage and memory(for example, DDR, persistent memory, 3D XPoint, Optane, or memorydevices that use chalcogenide glass). CSPs are vertically integratingthese with custom orchestration control planes to expose these asservices to users.

Growth in cloud native, scale out in applications, emergence of ComputeExpress Link (CXL) based protocols to stitch together systems andresources across multiple platforms, and increased and enhanced usagesand capabilities offered by XPUs (for example, GPUs and InfrastructureProcessing Units (IPUs)) have led a shift from core and CPU focusedcomputing, to computing that spans multiple platforms and even multipledatacenters at times.

An application can be composed of microservices, where each microserviceruns in its own process and communicates using protocols (e.g.,application program interface (API), a Hypertext Transfer Protocol(HTTP) resource API, message service, remote procedure calls (RPC), orGoogle RPC (gRPC)). Microservices can be independently deployed usingcentralized management of these services.

Microservices share objects or data blocks that are accessed andmodified concurrently. With new data center technologies such as pooledmemories, the modification and access of objects or data blocks canoccur in remote memories or storage where no coherency or consistency isprovided.

Switching architectures to manage mutex primitives used to controlaccess to objects or data blocks that are being processed by two or moremicroservices in the data center are provided

Various embodiments and aspects of the inventions will be described withreference to details discussed below, and the accompanying drawings willillustrate the various embodiments. The following description anddrawings are illustrative of the invention and are not to be construedas limiting the invention. Numerous specific details are described toprovide a thorough understanding of various embodiments of the presentinvention. However, in certain instances, well-known or conventionaldetails are not described in order to provide a concise discussion ofembodiments of the present inventions.

Reference in the specification to “one embodiment” or “an embodiment”means that a particular feature, structure, or characteristic describedin conjunction with the embodiment can be included in at least oneembodiment of the invention. The appearances of the phrase “in oneembodiment” in various places in the specification do not necessarilyall refer to the same embodiment.

Various embodiments and aspects of the inventions will be described withreference to details discussed below, and the accompanying drawings willillustrate the various embodiments. The following description anddrawings are illustrative of the invention and are not to be construedas limiting the invention. Numerous specific details are described toprovide a thorough understanding of various embodiments of the presentinvention. However, in certain instances, well-known or conventionaldetails are not described in to provide a concise discussion ofembodiments of the present inventions.

Reference in the specification to “one embodiment” or “an embodiment”means that a particular feature, structure, or characteristic describedin conjunction with the embodiment can be included in at least oneembodiment of the invention. The appearances of the phrase “in oneembodiment” in various places in the specification do not necessarilyall refer to the same embodiment.

FIG. 1 depicts a data center 100 in which disaggregated resources maycooperatively execute one or more workloads (e.g., applications onbehalf of customers) that includes multiple systems 110, 120, 130, 140,a system being or including one or more rows of racks or trays. Ofcourse, although data center 100 is shown with multiple systems, in someembodiments, the data center 100 may be embodied as a single system. Asdescribed in more detail herein, each rack houses multiple nodes, someof which may be equipped with one or more types of resources (e.g.,memory devices, data storage devices, accelerator devices, generalpurpose processors, GPUs, xPUs, CPUs, field programmable gate arrays(FPGAs), or application-specific integrated circuits (ASICs)). Resourcescan be logically coupled or aggregated to form a composed node, whichcan act as, for example, a server to perform a job, workload ormicroservices.

Various examples described herein can perform an application composed ofmicroservices, where each microservice runs in its own process andcommunicates using protocols (e.g., application program interface (API),a Hypertext Transfer Protocol (HTTP) resource API, message service,remote procedure calls (RPC), or Google RPC (gRPC)). Microservices canbe independently deployed using centralized management of theseservices. The management system may be written in different programminglanguages and use different data storage technologies. A microservicecan be characterized by one or more of: use of fine-grained interfaces(to independently deployable services), polyglot programming (e.g., codewritten in multiple languages to capture additional functionality andefficiency not available in a single language), or lightweight containeror virtual machine deployment, and decentralized continuous microservicedelivery. One or more microservices can execute on or use any resourcesdescribed herein, such as resources of FIGS. 3-11.

In the illustrative embodiment, the nodes in each system 110, 120, 130,140 are connected to multiple system switches (e.g., switches that routedata communications to and from nodes within the system). Switches canbe positioned at the top of rack (TOR), end of row (EOR), middle of rack(MOR), or other. The system switches, in turn, connect with spineswitches 150 that switch communications among systems (e.g., the systems110, 120, 130, 140) in the data center 100. In some embodiments, thenodes may be connected with a fabric using standards described herein orproprietary standards. In other embodiments, the nodes may be connectedwith other fabrics, such as InfiniBand or Ethernet or optical. Asdescribed in more detail herein, resources within nodes in the datacenter 100 may be allocated to a group (referred to herein as a “managednode”) containing resources from one or more nodes to be collectivelyutilized in the execution of a workload. The workload can execute as ifthe resources belonging to the managed node were located on the samenode. The resources in a managed node may belong to nodes belonging todifferent racks, and even to different systems 110, 120, 130, 140. Assuch, some resources of a single node may be allocated to one managednode while other resources of the same node are allocated to a differentmanaged node (e.g., one processor assigned to one managed node andanother processor of the same node assigned to a different managednode).

The disaggregation of resources to nodes comprised predominantly of asingle type of resource (e.g., compute nodes comprising primarilycompute resources, memory nodes containing primarily memory resources),and the selective allocation and deallocation of the disaggregatedresources to form a managed node assigned to execute a workload improvesthe operation and resource usage of the data center 100 relative totypical data centers comprised of hyperconverged servers containingcompute, memory, storage and perhaps additional resources. For example,because nodes predominantly contain resources of a particular type,resources of a given type can be upgraded independently of otherresources. Additionally, because different resource types (processors,memory, storage, accelerators, etc.) typically have different refreshrates, greater resource utilization, and reduced total cost of ownershipmay be achieved. For example, a data center operator can upgrade theprocessors throughout their facility by only swapping out the computenodes. In such a case, accelerator and storage resources may not becontemporaneously upgraded and, rather, may be allowed to continueoperating until those resources are scheduled for their own refresh.Resource utilization may also increase. For example, if managed nodesare composed based on requirements of the workloads that will be runningon them, resources within a node are more likely to be fully utilized.Such utilization may allow for more managed nodes to run in a datacenter with a given set of resources, or for a data center expected torun a given set of workloads, to be built using fewer resources.

FIG. 2 depicts a system 110. A system 110 can include a set of rows 200,210, 220, 230 of racks 240. Each rack 240 may house multiple nodes(e.g., sixteen nodes) and provide power and data connections to thehoused nodes, as described in more detail herein. In the illustrativeembodiment, the racks in each row 200, 210, 220, 230 are connected tomultiple system switches 250, 260. The system switch 250 includes a setof ports 252 to which the nodes of the racks of the system 110 areconnected and another set of ports 254 that connect the system 110 tothe spine switches 150 to provide connectivity to other systems in thedata center 100. Similarly, the system switch 260 includes a set ofports 262 to which the nodes of the racks of the system 110 areconnected and a set of ports 264 that connect the system 110 to thespine switches 150. As such, the use of the pair of switches 250, 260provides an amount of redundancy to the system 110. For example, ifeither of the switches 250, 260 fails, the nodes in the system 110 maystill maintain data communication with the remainder of the data center100 (e.g., nodes of other systems) through the other switch 250, 260.Furthermore, in the illustrative embodiment, the switches 150, 250, 260may be embodied as dual-mode optical switches, capable of routing bothEthernet protocol communications carrying Internet Protocol (IP) packetsand communications according to a second, high-performance link-layerprotocol (e.g., PCI Express or Compute Express Link) via opticalsignaling media of an optical fabric.

It should be appreciated that each of the other systems 120, 130, 140(as well as additional systems of the data center 100) may be similarlystructured as, and have components similar to, the system 110 shown inand described in regard to FIG. 2 (e.g., each system may have rows ofracks housing multiple nodes as described above). Additionally, whiletwo system switches 250, 260 are shown, it should be understood that inother embodiments, each system 110, 120, 130, 140 may be connected to adifferent number of system switches, providing even more failovercapacity. Of course, in other embodiments, systems may be arrangeddifferently than the rows-of-racks configuration shown in FIGS. 1-2. Forexample, a system may be embodied as multiple sets of racks in whicheach set of racks is arranged radially, e.g., the racks are equidistantfrom a center switch.

Referring now to FIG. 3, node 300, in the illustrative embodiment, isconfigured to be mounted in a corresponding rack 240 of the data center100 as discussed above. In some embodiments, each node 300 may beoptimized or otherwise configured for performing particular tasks, suchas compute tasks, acceleration tasks, data storage tasks, etc. Forexample, the node 300 may be embodied as a compute node 500 as discussedbelow in regard to FIG. 5, an accelerator node 600 as discussed below inregard to FIG. 6, a storage node 700 as discussed below in regard toFIG. 7, or as a node optimized or otherwise configured to perform otherspecialized tasks, such as a memory node 800, discussed below in regardto FIG. 8. For example, one or more microservices can execute on orusing node 300, node 500, accelerator node 600, storage node 700, and/ormemory node 800.

Although two physical resources 320 are shown in FIG. 3, it should beappreciated that the node 300 may include one, two, or more physicalresources 320 in other embodiments. The physical resources 320 may beembodied as any type of processor, controller, or other compute circuitcapable of performing various tasks such as compute functions and/orcontrolling the functions of the node 300 depending on, for example, thetype or intended functionality of the node 300. For example, asdiscussed in more detail below, the physical resources 320 may beembodied as high-performance processors in embodiments in which the node300 is embodied as a compute node, as accelerator co-processors orcircuits in embodiments in which the node 300 is embodied as anaccelerator node, storage controllers in embodiments in which the node300 is embodied as a storage node, or a set of memory devices inembodiments in which the node 300 is embodied as a memory node.

The node 300 also includes one or more additional physical resources 330mounted to circuit board substrate 302. In the illustrative embodiment,the additional physical resources include a network interface controller(NIC) as discussed in more detail below. Of course, depending on thetype and functionality of the node 300, the physical resources 330 mayinclude additional or other electrical components, circuits, and/ordevices in other embodiments.

The physical resources 320 can be communicatively coupled to thephysical resources 330 via an Input/Output (I/O) subsystem 322. The I/Osubsystem 322 may be embodied as circuitry and/or components tofacilitate Input/Output operations with the physical resources 320, thephysical resources 330, and/or other components of the node 300. Forexample, the I/O subsystem 322 may be embodied as, or otherwise include,memory controller hubs, Input/Output control hubs, integrated sensorhubs, firmware devices, communication links (e.g., point-to-point links,bus links, wires, cables, waveguides, light guides, printed circuitboard traces, etc.), and/or other components and subsystems tofacilitate the Input/Output operations. In the illustrative embodimentfor memory system, the I/O subsystem 322 is embodied as, or otherwiseincludes, a double data rate 4 (DDR4) data bus or a DDR5 data bus.

In some embodiments, the node 300 may also include aresource-to-resource interconnect 324. The resource-to-resourceinterconnect 324 may be embodied as any type of communicationinterconnect capable of facilitating resource-to-resourcecommunications. In the illustrative embodiment, the resource-to-resourceinterconnect 324 is embodied as a high-speed point-to-point interconnect(e.g., faster than the I/O subsystem 322). For example, theresource-to-resource interconnect 324 may be embodied as a QuickPathInterconnect (QPI), an UltraPath Interconnect (UPI), PCI express (PCIe),or other high-speed point-to-point interconnect utilized forresource-to-resource communications.

The node 300 also includes a power connector 340 configured to mate witha corresponding power connector of the rack 240 when the node 300 ismounted in the corresponding rack 240. The node 300 receives power froma power supply of the rack 240 via the power connector 340 to supplypower to the various electrical components of the node 300. In someexamples, the node 300 includes local power supply (e.g., an on-boardpower supply) to provide power to the electrical components of the node300. In some examples, the node 300 does not include any local powersupply (e.g., an on-board power supply) to provide power to theelectrical components of the node 300. The exclusion of a local oron-board power supply facilitates the reduction in the overall footprintof the circuit board substrate 302, which may increase the thermalcooling characteristics of the various electrical components mounted onthe circuit board substrate 302 as discussed above. In some embodiments,voltage regulators are placed on circuit board substrate 302 directlyopposite of the processors 520 (see FIG. 5), and power is routed fromthe voltage regulators to the processors 520 by vias extending throughthe circuit board substrate 302. Such a configuration provides anincreased thermal budget, additional current and/or voltage, and bettervoltage control relative to typical printed circuit boards in whichprocessor power is delivered from a voltage regulator, in part, byprinted circuit traces.

In some embodiments, the node 300 may also include mounting features 342configured to mate with a mounting arm, or other structure, of a robotto facilitate the placement of the node 300 in a rack 240 by the robot.The mounting features 342 may be embodied as any type of physicalstructures that allow the robot to grasp the node 300 without damagingthe circuit board substrate 302 or the electrical components mountedthereto. For example, in some embodiments, the mounting features 342 maybe embodied as non-conductive pads attached to the circuit boardsubstrate 302. In other embodiments, the mounting features may beembodied as brackets, braces, or other similar structures attached tothe circuit board substrate 302. The particular number, shape, size,and/or make-up of the mounting feature 342 may depend on the design ofthe robot configured to manage the node 300.

Referring now to FIG. 4, in addition to the physical resources 330mounted on circuit board substrate 302, the node 300 also includes oneor more memory devices 420. The physical resources 320 can becommunicatively coupled to memory devices 420 via the I/O subsystem 322.For example, the physical resources 320 and the memory devices 420 maybe communicatively coupled by one or more vias extending through thecircuit board substrate 302. A physical resource 320 may becommunicatively coupled to a different set of one or more memory devices420 in some embodiments. Alternatively, in other embodiments, eachphysical resource 320 may be communicatively coupled to each memorydevice 420.

The memory devices 420 may be embodied as any type of memory devicecapable of storing data for the physical resources 320 during operationof the node 300, such as any type of volatile (e.g., dynamic randomaccess memory (DRAM), etc.) or non-volatile memory.

In one embodiment, the memory device is a block addressable memorydevice, such as those based on NAND or NOR technologies, for example,multi-threshold level NAND flash memory and NOR flash memory. A blockcan be any size such as but not limited to 2 KB, 4 KB, 5 KB, and soforth. A memory device may also include next-generation nonvolatiledevices, such as Intel Optane® memory or other byte addressablewrite-in-place nonvolatile memory devices (e.g., memory devices that usechalcogenide glass), multi-threshold level NAND flash memory, NOR flashmemory, single or multi-level Phase Change Memory (PCM), a resistivememory, nanowire memory, ferroelectric transistor random access memory(FeTRAM), anti-ferroelectric memory, magnetoresistive random accessmemory (MRAM) memory that incorporates memristor technology, resistivememory including the metal oxide base, the oxygen vacancy base and theconductive bridge Random Access Memory (CB-RAM), or spin transfer torque(STT)-MRAM, a spintronic magnetic junction memory based device, amagnetic tunneling junction (MTJ) based device, a DW (Domain Wall) andSOT (Spin Orbit Transfer) based device, a thyristor based memory device,or a combination of one or more of the above, or other memory. Thememory device may refer to the die itself and/or to a packaged memoryproduct. In some embodiments, the memory device may comprise atransistor-less stackable cross point architecture in which memory cellssit at the intersection of word lines and bit lines and are individuallyaddressable and in which bit storage is based on a change in bulkresistance.

Referring now to FIG. 5, in some embodiments, the node 300 may beembodied as a compute node 500. The compute node 500 can be configuredto perform compute tasks. Of course, as discussed above, the computenode 500 may rely on other nodes, such as acceleration nodes and/orstorage nodes, to perform compute tasks. In the illustrative computenode 500, the physical resources 320 are embodied as processors 520.Although only two processors 520 are shown in FIG. 5, it should beappreciated that the compute node 500 may include additional processors520 in other embodiments. Illustratively, the processors 520 areembodied as high-performance processors 520 and may be configured tooperate at a relatively high power rating.

In some embodiments, the compute node 500 may also include aprocessor-to-processor interconnect 542. Processor-to-processorinterconnect 542 may be embodied as any type of communicationinterconnect capable of facilitating processor-to-processor interconnect542 communications. In the illustrative embodiment, theprocessor-to-processor interconnect 542 is embodied as a high-speedpoint-to-point interconnect (e.g., faster than the I/O subsystem 322).For example, the processor-to-processor interconnect 542 may be embodiedas a QuickPath Interconnect (QPI), an UltraPath Interconnect (UPI), orother high-speed point-to-point interconnect utilized forprocessor-to-processor communications (e.g., PCIe or CXL).

The compute node 500 also includes a communication circuit 530. Theillustrative communication circuit 530 includes a network interfacecontroller (NIC) 532, which may also be referred to as a host fabricinterface (HFI). The NIC 532 may be embodied as, or otherwise include,any type of integrated circuit, discrete circuits, controller chips,chipsets, add-in-boards, daughtercards, network interface cards, orother devices that may be used by the compute node 500 to connect withanother compute device (e.g., with other nodes 300). In someembodiments, the NIC 532 may be embodied as part of a system-on-a-chip(SoC) that includes one or more processors, or included on a multichippackage that also contains one or more processors. In some embodiments,the NIC 532 may include a local processor (not shown) and/or a localmemory (not shown) that are both local to the NIC 532. In suchembodiments, the local processor of the NIC 532 may be capable ofperforming one or more of the functions of the processors 520.Additionally or alternatively, in such embodiments, the local memory ofthe NIC 532 may be integrated into one or more components of the computenode 500 at the board level, socket level, chip level, and/or otherlevels. In some examples, a network interface includes a networkinterface controller or a network interface card. In some examples, anetwork interface can include one or more of a network interfacecontroller (NIC) 532, a host fabric interface (HFI), a host bus adapter(HBA), network interface connected to a bus or connection (e.g., PCIe,CXL, DDR, and so forth). In some examples, a network interface can bepart of a switch or a system-on-chip (SoC).

Some examples of a NIC 532 are part of an Infrastructure Processing Unit(IPU) or data processing unit (DPU) or utilized by an IPU or DPU. An IPUor DPU can include a network interface, memory devices, and one or moreprogrammable or fixed function processors (e.g., CPU or XPU) to performoffload of operations that could have been performed by a host CPU orXPU or remote CPU or XPU. In some examples, the IPU or DPU can performvirtual switch operations, manage storage transactions (e.g.,compression, cryptography, virtualization), and manage operationsperformed on other IPUs, DPUs, servers, or devices.

The communication circuit 530 is communicatively coupled to an opticaldata connector 534. The optical data connector 534 is configured to matewith a corresponding optical data connector of a rack when the computenode 500 is mounted in the rack. Illustratively, the optical dataconnector 534 includes a plurality of optical fibers which lead from amating surface of the optical data connector 534 to an opticaltransceiver 536. The optical transceiver 536 is configured to convertincoming optical signals from the rack-side optical data connector toelectrical signals and to convert electrical signals to outgoing opticalsignals to the rack-side optical data connector. Although shown asforming part of the optical data connector 534 in the illustrativeembodiment, the optical transceiver 536 may form a portion of thecommunication circuit 530 in other embodiments.

In some embodiments, the compute node 500 may also include an expansionconnector 540. In such embodiments, the expansion connector 540 isconfigured to mate with a corresponding connector of an expansioncircuit board substrate to provide additional physical resources to thecompute node 500. The additional physical resources may be used, forexample, by the processors 520 during operation of the compute node 500.The expansion circuit board substrate may be substantially similar tothe circuit board substrate 302 discussed above and may include variouselectrical components mounted thereto. The particular electricalcomponents mounted to the expansion circuit board substrate may dependon the intended functionality of the expansion circuit board substrate.For example, the expansion circuit board substrate may provideadditional compute resources, memory resources, and/or storageresources. As such, the additional physical resources of the expansioncircuit board substrate may include, but is not limited to, processors,memory devices, storage devices, and/or accelerator circuits including,for example, field programmable gate arrays (FPGA), application-specificintegrated circuits (ASICs), security co-processors, graphics processingunits (GPUs), machine learning circuits, or other specializedprocessors, controllers, devices, and/or circuits. Note that referenceto GPU or CPU herein can in addition or alternatively refer to an XPU orxPU. An xPU can include one or more of: a GPU, ASIC, FPGA, oraccelerator device.

Referring now to FIG. 6, in some embodiments, the node 300 may beembodied as an accelerator node 600. The accelerator node 600 isconfigured to perform specialized compute tasks, such as machinelearning, encryption, hashing, or another computational-intensive task.In some embodiments, for example, a compute node 500 may offload tasksto the accelerator node 600 during operation. The accelerator node 600includes various components similar to components of the node 300 and/orcompute node 500, which have been identified in FIG. 6 using the samereference numbers.

In the illustrative accelerator node 600, the physical resources 320 areembodied as accelerator circuits 620. Although only two acceleratorcircuits 620 are shown in FIG. 6, it should be appreciated that theaccelerator node 600 may include additional accelerator circuits 620 inother embodiments. The accelerator circuits 620 may be embodied as anytype of processor, co-processor, compute circuit, or other devicecapable of performing compute or processing operations. For example, theaccelerator circuits 620 may be embodied as, for example, centralprocessing units, cores, field programmable gate arrays (FPGA),application-specific integrated circuits (ASICs), programmable controllogic (PCL), security co-processors, graphics processing units (GPUs),neuromorphic processor units, quantum computers, machine learningcircuits, programmable processing pipeline (e.g., programmable by P4, C,Python, Broadcom Network Programming Language (NPL), or x86 compatibleexecutable binaries or other executable binaries). Processors, FPGAs,other specialized processors, controllers, devices, and/or circuits canbe used utilized for packet processing or packet modification. Ternarycontent-addressable memory (TCAM) can be used for parallel match-actionor look-up operations on packet header content.

In some embodiments, the accelerator node 600 may also include anaccelerator-to-accelerator interconnect 642. Similar to theresource-to-resource interconnect 324 of the node 300 discussed above,the accelerator-to-accelerator interconnect 642 may be embodied as anytype of communication interconnect capable of facilitatingaccelerator-to-accelerator communications. In the illustrativeembodiment, the accelerator-to-accelerator interconnect 642 is embodiedas a high-speed point-to-point interconnect (e.g., faster than the I/Osubsystem 322). For example, the accelerator-to-accelerator interconnect642 may be embodied as a QuickPath Interconnect (QPI), an UltraPathInterconnect (UPI), or other high-speed point-to-point interconnectutilized for accelerator-to-accelerator communications. In someembodiments, the accelerator circuits 620 may be daisy-chained with aprimary accelerator circuit 620 connected to the NIC 532 and memory 420through the I/O subsystem 322 and a secondary accelerator circuit 620connected to the NIC 532 and memory 420 through a primary acceleratorcircuit 620.

Referring now to FIG. 7, in some embodiments, the node 300 may beembodied as a storage node 700. The storage node 700 is configured insome embodiments to store data in a data storage 750 local to thestorage node 700. For example, during operation, a compute node 500 oran accelerator node 600 may store and retrieve data from the datastorage 750 of the storage node 700. The storage node 700 includesvarious components similar to components of the node 300 and/or thecompute node 500, which have been identified in FIG. 7 using the samereference numbers.

In the illustrative storage node 700, the physical resources 320 areembodied as storage controllers 720. Although only two storagecontrollers 720 are shown in FIG. 7, it should be appreciated that thestorage node 700 may include additional storage controllers 720 in otherembodiments. The storage controllers 720 may be embodied as any type ofprocessor, controller, or control circuit capable of controlling thestorage and retrieval of data into/from the data storage 750 based onrequests received via the communication circuit 530 or other components.In the illustrative embodiment, the storage controllers 720 are embodiedas relatively low-power processors or controllers.

In some embodiments, the storage node 700 may also include acontroller-to-controller interconnect 742. Similar to theresource-to-resource interconnect 324 of the node 300 discussed above,the controller-to-controller interconnect 742 may be embodied as anytype of communication interconnect capable of facilitatingcontroller-to-controller communications. In the illustrative embodiment,the controller-to-controller interconnect 742 is embodied as ahigh-speed point-to-point interconnect (e.g., faster than the I/Osubsystem 322). For example, the controller-to-controller interconnect742 may be embodied as a QuickPath Interconnect (QPI), an UltraPathInterconnect (UPI), or other high-speed point-to-point interconnectutilized for controller-to-controller communications.

Referring now to FIG. 8, in some embodiments, the node 300 may beembodied as a memory node 800. The memory node 800 is configured toprovide other nodes 300 (e.g., compute nodes 500, accelerator nodes 600,etc.) with access to a pool of memory (e.g., in two or more sets 830,832 of memory devices 420) local to the storage node 700. Also,additional external memory sets can be facilitated using communicationcircuit 530 and memory sets on memory node(s) located in other physicalnodes (not shown). For example, during operation, a compute node 500 oran accelerator node 600 may remotely write to and/or read from one ormore of the memory sets 830, 832 of the memory node 800 using a logicaladdress space that maps to physical addresses in the memory sets 830,832.

In the illustrative memory node 800, the physical resources 320 areembodied as memory controllers 820. Although only two memory controllers820 are shown in FIG. 8, it should be appreciated that the memory node800 may include additional memory controllers 820 in other embodiments.The memory controllers 820 may be embodied as any type of processor,controller, or control circuit capable of controlling the writing andreading of data into the memory sets 830, 832 based on requests receivedvia the communication circuit 530. In the illustrative embodiment, eachmemory controller 820 is connected to a corresponding memory set 830,832 to write to and read from memory devices 420 within thecorresponding memory set 830, 832 and enforce permissions (e.g., read,write, etc.) associated with node 300 that has sent a request to thememory node 800 to perform a memory access operation (e.g., read orwrite).

In some embodiments, the memory node 800 may also include acontroller-to-controller interconnect 842. Similar to theresource-to-resource interconnect 324 of the node 300 discussed above,the controller-to-controller interconnect 842 may be embodied as anytype of communication interconnect capable of facilitatingcontroller-to-controller communications. In the illustrative embodiment,the controller-to-controller interconnect 842 is embodied as ahigh-speed point-to-point interconnect (e.g., faster than the I/Osubsystem 322). For example, the controller-to-controller interconnect842 may be embodied as a QuickPath Interconnect (QPI), an UltraPathInterconnect (UPI), or other high-speed point-to-point interconnectutilized for controller-to-controller communications. As such, in someembodiments, a memory controller 820 may access, through thecontroller-to-controller interconnect 842, memory that is within thememory set 832 associated with another memory controller 820. In someembodiments, a scalable memory controller is made of multiple smallermemory controllers, referred to herein as “chiplets”, on a memory node(e.g., the memory node 800). The chiplets may be interconnected (e.g.,using EMIB (Embedded Multi-Die Interconnect Bridge)). The combinedchiplet memory controller may scale up to a relatively large number ofmemory controllers and I/O ports, (e.g., up to 16 memory channels). Insome embodiments, the memory controllers 820 may implement a memoryinterleave (e.g., one memory address is mapped to the memory set 830,the next memory address is mapped to the memory set 832, and the thirdaddress is mapped to the memory set 830, etc.). The interleaving may bemanaged within the memory controllers 820, or from CPU sockets (e.g., ofthe compute node 500) across network links to the memory sets 830, 832,and may improve the latency and bandwidth associated with performingmemory access operations as compared to accessing contiguous memoryaddresses from the same memory device.

Further, in some embodiments, the memory node 800 may be connected toone or more other nodes 300 (e.g., in the same rack 240 or an adjacentrack 240) through a waveguide, using the waveguide connector 880. Usinga waveguide may provide high throughput access to the memory pool (e.g.,the memory sets 830, 832) to another node (e.g., a node 300 in the samerack 240 or an adjacent rack 240 as the memory node 800) without addingto the load on the optical data connector 534.

Referring now to FIG. 9, a system 910 for executing one or moreworkloads (e.g., applications or microservices) may be implemented. Inthe illustrative embodiment, the system 910 includes an orchestratorserver 920, which may be embodied as a managed node comprising a computedevice (e.g., a processor 520 on a compute node 500) executingmanagement software (e.g., a cloud operating environment, such asOpenStack) that is communicatively coupled to multiple nodes 300including a large number of compute nodes 930 (e.g., each similar to thecompute node 500), memory nodes 940 (e.g., each similar to the memorynode 800), accelerator nodes 950 (e.g., each similar to the acceleratornode 600), and storage nodes 960 (e.g., each similar to the storage node700). One or more of the nodes 930, 940, 950, 960 may be grouped into amanaged node 970, such as by the orchestrator server 920, tocollectively perform a workload (e.g., an application 932 executed in avirtual machine or in a container). While orchestrator node 920 is shownas a single entity, alternatively or additionally, its functionality canbe distributed across multiple instances and physical locations.

The managed node 970 may be embodied as an assembly of physicalresources 320, such as processors 520, memory resources 420, acceleratorcircuits 620, or data storage 750, from the same or different nodes 300.Further, the managed node 970 may be established, defined, or “spun up”by the orchestrator server 920 at the time a workload is to be assignedto the managed node 970, and may exist regardless of whether a workloadis presently assigned to the managed node 970. In the illustrativeembodiment, the orchestrator server 920 may selectively allocate and/ordeallocate physical resources 320 from the nodes 300 and/or add orremove one or more nodes 300 from the managed node 970 as a function ofquality of service (QoS) targets (e.g., a target throughput, a targetlatency, a target number of instructions per second, etc.) associatedwith a service level agreement or class of service (COS or CLOS) for theworkload (e.g., the application 932). In doing so, the orchestratorserver 920 may receive telemetry data indicative of performanceconditions (e.g., throughput, latency, instructions per second, etc.) ineach node 300 of the managed node 970 and compare the telemetry data tothe quality-of-service targets to determine whether the quality ofservice targets are being satisfied. The orchestrator server 920 mayadditionally determine whether one or more physical resources may bedeallocated from the managed node 970 while still satisfying the QoStargets, thereby freeing up those physical resources for use in anothermanaged node (e.g., to execute a different workload). Alternatively, ifthe QoS targets are not presently satisfied, the orchestrator server 920may determine to dynamically allocate additional physical resources toassist in the execution of the workload (e.g., the application 932)while the workload is executing. Similarly, the orchestrator server 920may determine to dynamically deallocate physical resources from amanaged node 970 if the orchestrator server 920 determines thatdeallocating the physical resource would result in QoS targets stillbeing met.

Additionally, in some embodiments, the orchestrator server 920 mayidentify trends in the resource utilization of the workload (e.g., theapplication 932), such as by identifying phases of execution (e.g., timeperiods in which different operations, each having different resourceutilizations characteristics, are performed) of the workload (e.g., theapplication 932) and pre-emptively identifying available resources inthe data center and allocating them to the managed node 970 (e.g.,within a predefined time period of the associated phase beginning). Insome embodiments, the orchestrator server 920 may model performancebased on various latencies and a distribution scheme to place workloadsamong compute nodes 930 and other resources (e.g., accelerator nodes,memory nodes, storage nodes) in the data center. For example, theorchestrator server 920 may utilize a model that accounts for theperformance, including optionally previously collected historicalperformance, of resources on the nodes 300 (e.g., FPGA performance,memory access latency, etc.) and the performance (e.g., congestion,latency, bandwidth) of the path through the network to the resource(e.g., FPGA). As such, the orchestrator server 920 may determine whichresource(s) should be used with which workloads based on the totallatency associated with each potential resource available in the datacenter 100 (e.g., the latency associated with the performance of theresource itself in addition to the latency associated with the paththrough the network between the compute node executing the workload andthe node 300 on which the resource is located).

In some embodiments, the orchestrator server 920 may generate a map ofheat generation in the data center 100 using telemetry data (e.g.,temperatures, fan speeds, etc.) reported from the nodes 300 and allocateresources to managed nodes as a function of the map of heat generationand predicted heat generation associated with different workloads, tomaintain a target temperature and heat distribution in the data center100. Additionally or alternatively, in some embodiments, theorchestrator server 920 may organize received telemetry data into ahierarchical model that is indicative of a relationship between themanaged nodes (e.g., a spatial relationship such as the physicallocations of the resources of the managed nodes within the data center100 and/or a functional relationship, such as groupings of the managednodes by the customers the managed nodes provide services for, the typesof functions typically performed by the managed nodes, managed nodesthat typically share or exchange workloads among each other, etc.).Based on differences in the physical locations and resources in themanaged nodes, a given workload may exhibit different resourceutilizations (e.g., cause a different internal temperature, use adifferent percentage of processor or memory capacity) across theresources of different managed nodes. The orchestrator server 920 maydetermine the differences based on the telemetry data stored in thehierarchical model and factor the differences into a prediction offuture resource utilization of a workload if the workload is reassignedfrom one managed node to another managed node, to accurately balanceresource utilization in the data center 100. In some embodiments, theorchestrator server 920 may identify patterns in resource utilizationphases of the workloads and use the patterns to predict future resourceutilization of the workloads.

To reduce the computational load on the orchestrator server 920 and thedata transfer load on the network, in some embodiments, the orchestratorserver 920 may send self-test information to the nodes 300 to enableeach node 300 to locally (e.g., on the node 300) determine whethertelemetry data generated by the node 300 satisfies one or moreconditions (e.g., an available capacity that satisfies a predefinedthreshold, a temperature that satisfies a predefined threshold, etc.).Each node 300 may then report back a simplified result (e.g., yes or no)to the orchestrator server 920, which the orchestrator server 920 mayutilize in determining the allocation of resources to managed nodes.

Embodiments described herein can be used in a data center ordisaggregated composite nodes. The techniques described herein can applyto both disaggregated and traditional server architectures. Atraditional server can include a CPU, XPU, one or more memory devices,networking communicatively coupled to one or more circuit boards withina server.

Edge computing, at a general level, refers to the implementation,coordination, and use of computing and resources at locations closer tothe “edge” or collection of “edges” of the network. The purpose of thisarrangement is to improve total cost of ownership, reduce applicationand network latency, reduce network backhaul traffic and associatedenergy consumption, improve service capabilities, and improve compliancewith security or data privacy requirements (especially as compared toconventional cloud computing). Components that can perform edgecomputing operations (“edge nodes”) can reside in whatever locationneeded by the system architecture or ad hoc service (e.g., in ahigh-performance compute data center or cloud installation; a designatededge node server, an enterprise server, a roadside server, a telecomcentral office; or a local or peer at-the-edge device being servedconsuming edge services).

With the illustrative edge networking systems described below, computingand storage resources are moved closer to the edge of the network (e.g.,closer to the clients, endpoint devices, or “things”). By moving thecomputing and storage resources closer to the device producing or usingthe data, various latency, compliance, and/or monetary or resource costconstraints may be achievable relative to a standard networked (e.g.,cloud computing) system. To do so, in some examples, pools of compute,memory, and/or storage resources may be located in, or otherwiseequipped with, local servers, routers, and/or other network equipment.Such local resources facilitate the satisfying of constraints placed onthe system. For example, the local compute and storage resources allowan edge system to perform computations in real-time or near real-time,which may be a consideration in low latency user-cases such asautonomous driving, video surveillance, and mobile media consumption.Additionally, these resources will benefit from service management in anedge system which provides the ability to scale and achieve localservice level agreements (SLAs) or service level objectives (SLOs),manage tiered service requirements, and enable local features andfunctions on a temporary or permanent basis.

A pool can include a device on a same chassis or different physicallydispersed devices on different chassis or different racks. A resourcepool can include homogeneous processors, homogeneous processors, and/ora memory pool. Pooling of heterogeneous resources can be implementedusing multiple homogeneous resource pools.

An illustrative edge computing system may support and/or provide variousservices to endpoint devices (e.g., client user equipment (UEs)), eachof which may have different requirements or constraints. For example,some services may have priority or quality-of-service (QoS) constraints(e.g., traffic data for autonomous vehicles may have a higher prioritythan temperature sensor data), reliability and resiliency (e.g., trafficdata may require mission-critical reliability, while temperature datamay be allowed some error variance), as well as power, cooling, andform-factor constraints. These and other technical constraints may offersignificant complexity and technical challenges when applied in themulti-stakeholder setting.

FIG. 10 generically depicts an edge computing system 1000 for providingedge services and applications to multi-stakeholder entities, asdistributed among one or more client compute nodes 1002, one or moreedge gateway nodes 1012, one or more edge aggregation nodes 1022, one ormore core data centers 1032, and a global network cloud 1042, asdistributed across layers of the network. One or more microservices canexecute on one or more nodes and/or data center. The implementation ofthe edge computing system 1000 may be provided at or on behalf of atelecommunication service provider (“telco”, or “TSP”),internet-of-things service provider, cloud service provider (CSP),enterprise entity, or any other number of entities. Variousimplementations and configurations of the edge computing system 1000 maybe provided dynamically, such as when orchestrated to meet serviceobjectives.

For example, the client compute nodes 1002 are located at an endpointlayer, while the edge gateway nodes 1012 are located at an edge deviceslayer (local level) of the edge computing system 1000. Additionally, theedge aggregation nodes 1022 (and/or fog devices 1024, if arranged oroperated with or among a fog networking configuration 1026) are locatedat a network access layer (an intermediate level). Fog computing (or“fogging”) generally refers to extensions of cloud computing to the edgeof an enterprise's network or to the ability to manage transactionsacross the cloud/edge landscape, typically in a coordinated distributedor multi-node network. Some forms of fog computing provide thedeployment of compute, storage, and networking services between enddevices and cloud computing data centers, on behalf of the cloudcomputing locations. Some forms of fog computing also provide theability to manage the workload/workflow level services, in terms of theoverall transaction, by pushing certain workloads to the edge or to thecloud based on the ability to fulfill the overall service levelagreement. Fog computing in many scenarios provide a decentralizedarchitecture and serves as an extension to cloud computing bycollaborating with one or more edge node devices, providing thesubsequent amount of localized control, configuration and management,and much more for end devices. Thus, some forms of fog computing provideoperations that are consistent with edge computing as discussed herein;the edge computing aspects discussed herein are also applicable to fognetworks, fogging, and fog configurations. Further, aspects of the edgecomputing systems discussed herein may be configured as a fog, oraspects of a fog may be integrated into an edge computing architecture.

The core data center 1032 is located at a core network layer (a regionalor geographically-central level), while the global network cloud 1042 islocated at a cloud data center layer (a national or world-wide layer).The use of “core” is provided as a term for a centralized networklocation—deeper in the network—which is accessible by multiple edgenodes or components; however, a “core” does not necessarily designatethe “center” or the deepest location of the network. Accordingly, thecore data center 1032 may be located within, at, or near the edgecomputing system 1000. Although an illustrative number of client computenodes 1002, edge gateway nodes 1012, edge aggregation nodes 1022, edgecore data centers 1032, global network clouds 1042 are shown in FIG. 10,it should be appreciated that the edge computing system 1000 may includeadditional devices or systems at each layer. Devices at a layer can beconfigured as peer nodes to each other and, accordingly, act in acollaborative manner to meet service objectives.

Consistent with the examples provided herein, a client compute node 1002may be embodied as any type of endpoint component, device, appliance, orother thing capable of communicating as a producer or consumer of data.Further, the label “node” or “device” as used in the edge computingsystem 1000 does not necessarily mean that such node or device operatesin a client or agent/minion/follower role; rather, one or more of thenodes or devices in the edge computing system 1000 refer to individualentities, nodes, or subsystems which include discrete or connectedhardware or software configurations to facilitate or use the edgecomputing system 1000.

As such, the edge computing system 1000 is formed from networkcomponents and functional features operated by and within the edgegateway nodes 1012 and the edge aggregation nodes 1022. The edgecomputing system 1000 may be embodied as any type of deployment thatprovides edge computing and/or storage resources which are proximatelylocated to radio access network (RAN) capable endpoint devices (e.g.,mobile computing devices, IoT devices, smart devices, etc.), which areshown in FIG. 10 as the client compute nodes 1002. In other words, theedge computing system 1000 may be envisioned as an “edge” which connectsthe endpoint devices and traditional network access points that servesas an ingress point into service provider core networks, includingmobile carrier networks (e.g., Global System for Mobile Communications(GSM) networks, Long-Term Evolution (LTE) networks, 5G/6G networks,etc.), while also providing storage and/or compute capabilities. Othertypes and forms of network access (e.g., Wi-Fi, long-range wireless,wired networks including optical networks) may also be utilized in placeof or in combination with such 3GPP carrier networks.

In some examples, the edge computing system 1000 may form a portion ofor otherwise provide an ingress point into or across a fog networkingconfiguration 1026 (e.g., a network of fog devices 1024, not shown indetail), which may be embodied as a system-level horizontal anddistributed architecture that distributes resources and services toperform a specific function. For instance, a coordinated and distributednetwork of fog devices 1024 may perform computing, storage, control, ornetworking aspects in the context of an IoT system arrangement. Othernetworked, aggregated, and distributed functions may exist in the edgecomputing system 1000 between the core data center 1032 and the clientendpoints (e.g., client compute nodes 1002). Some of these are discussedin the following sections in the context of network functions or servicevirtualization, including the use of virtual edges and virtual serviceswhich are orchestrated for multiple stakeholders.

As discussed in more detail below, the edge gateway nodes 1012 and theedge aggregation nodes 1022 cooperate to provide various edge servicesand security to the client compute nodes 1002. Furthermore, because aclient compute node 1002 may be stationary or mobile, a respective edgegateway node 1012 may cooperate with other edge gateway devices topropagate presently provided edge services, relevant service data, andsecurity as the corresponding client compute node 1002 moves about aregion. To do so, the edge gateway nodes 1012 and/or edge aggregationnodes 1022 may support multiple tenancy and multiple stakeholderconfigurations, in which services from (or hosted for) multiple serviceproviders, owners, and multiple consumers may be supported andcoordinated across a single or multiple compute devices.

A variety of security approaches may be utilized within the architectureof the edge computing system 1000. In a multi-stakeholder environment,there can be multiple loadable security modules (LSMs) used to provisionpolicies that enforce the stakeholder's interests. Enforcement pointenvironments could support multiple LSMs that apply the combination ofloaded LSM policies (e.g., where the most constrained effective policyis applied, such as where if one or more of A, B or C stakeholdersrestricts access then access is restricted). Within the edge computingsystem 1000, each edge entity can provision LSMs that enforce the Edgeentity interests. The Cloud entity can provision LSMs that enforce thecloud entity interests. Likewise, the various Fog and IoT networkentities can provision LSMs that enforce the Fog entity's interests.

FIG. 11 shows an example where various client endpoints 1110 (in theform of mobile devices, computers, autonomous vehicles, businesscomputing equipment, industrial processing equipment) provide requests1120 for services or data transactions, and receive responses 1130 forthe services or data transactions, to and from the edge cloud 1100(e.g., via a wireless or wired network 1140). One or more microservicescan execute on one or more nodes and/or data center. Within the edgecomputing system 1000, the CSP may deploy various compute and storageresources, such as edge content nodes 1150 to provide cached contentfrom a distributed content delivery network. Other available compute andstorage resources available on the edge content nodes 1150 may be usedto execute other services and fulfill other workloads. The edge contentnodes 1150 and other systems of the edge computing system 1000 areconnected to a cloud or data center 1170, which uses a backhaul network1160 to fulfill higher-latency requests from a cloud/data center forwebsites, applications, database servers, etc.

FIG. 12 is a simplified block diagram of a system 1200 that includes aswitch 1202 and nodes 1204A, 1204B that may be included in the datacenter 100 shown in FIG. 1. The switch 1202 routes data communicationsto and from the nodes 1204A, 1204B and can be positioned at the top ofrack (TOR) (referred to as a top of rack switch), end of row (EOR),middle of rack (MOR) or can be a spine switch 150 that switchescommunications among systems (e.g., the systems 110, 120, 130, 140) inthe data center 100.

The switch 1202 includes ingress circuitry 1240 to processpackets/frames received by the switch 1202 and egress circuitry 1208 toprocess packets/frames to be transmitted by the switch 1202.

A mutex (multiple exclusion) is a synchronization object used toco-ordinate mutually exclusive access to a resource that is shared bymultiple processes. The mutex is used to give exclusive access to aresource to only one process at a time. The mutex is set before using ashared resource and released after using the shared resource. Examplesof resources include objects, data blocks, network resources includingbuffers, memory, and network interfaces, acceleration processors, FPGAsand sensors. The resources are used by an application composed ofmicroservices.

The switch 1202 includes an object mutex controller 1214 (the objectmutex controller can also be referred to as a resource mutex controller)to manage mutexes used to co-ordinate mutually exclusive access toresources that are shared by nodes 1204A, 1204B. The object mutexcontroller 1214 provides mechanisms to manage access to resources (forexample, objects) that are being concurrently processed by two or morenodes 1204A, 1204B in the data center 100 and to provide exclusiveaccess to an object shared by nodes to one of the nodes. The switch 1202includes intercept controller 1206 to forward packets/frames received bythe switch 1202 from nodes 1204A, 1204B for processing by the objectmutex controller 1214. The packets/frames can include data, code,machine learning (ML) models, electronic contracts, transactions,telemetry and/or control signals. The object mutex controller 1214 andthe intercept controller 1206 can be included in a switch system-on-chip(SoC).

The API interface between the nodes 1204A, 1204B and the switch 1202 canuse representational state transfer (REST). REST is a set of guidelinesfor creating web APIs based on HTTP methods to access resources viaUniform Resource Locator (URL)-encoded parameters and the use ofJavaScript Object Notation (JSON) or Extensible Markup Language (XML) totransmit data.

The intercept controller 1206 can identify whether a request for a mutexfor a resource is for an resource that is managed locally in the switch1202 or a remote resource to be accessed through an egress port inegress circuitry 1208. If the resource is managed locally, the interceptcontroller 1206 forwards the request for the mutex for the resource tothe object mutex controller 1214.

The object mutex controller 1214 provides primitives for acquiring andreleasing mutexes with the ability to acquire extensions for currentlyheld mutexes. The tenant holding the mutex can request to extend theexpiration period on the mutex. In response to the request, theexpiration time can be reset without releasing the lock.

Mutexes that are not surrendered after an approved duration arereclaimed and the process/processes holding the mutexes are placed inindefinite suspension until a process unwinds their interruptedtransaction sequences. In an embodiment, a transaction log contains thenecessary information to restart or rollback the transactions that didnot complete due to lack of resources. A transaction cleanup process canread the transaction log, determine whether to unwind or restart thetransaction and then apply the action.

The object mutex controller 1214 includes an object managementcontroller 1210, API interfaces 1212, object mutex tracker 1220 and asynchronous secured Virtual Local Area Network (VLAN) 1224. In otherembodiments, instead of VLAN, the network encapsulation protocol can beVirtual Extensible LAN (VxLAN) or Generic Network Virtualization(GENEVE).

API interfaces 1212 includes an API for creating, initializing,acquiring/releasing, timing-out, and timing-extension, mutexes. APIinterfaces also includes an API to allow mutexes to be acquired togetherand/or released together by a software agent (which is identified by aunique identifier). API interfaces 1212 can also include wait-until andabort-wait APIs in order respectively to wait for an event beingsignaled within a maximum wait duration and to issue a signal to arequestor.

A first API allows registration of a mutex for a resource that is ownedor managed by an entity. The registration allows specifying the objectidentifier being registered, a filtering rule that defines access to themutex and a network rule that defines network-based rules that can bedefined based on network masks or another network based Boolean rule.The filtering rule can be a Boolean rule that can be defined based onthe requestor of the mutex for the resource or other fields that can beassociated with requestors that will use the mutex. Registration of themutex can fail if there is not sufficient capacity in the switch 1202 totrack another mutex or the setup parameters for the mutex are incorrect.Setup parameters can include a default to mutex unallocated allowingresources associated with the mutex to be scheduled.

A second API allows requesting access to a mutex that has beenpreviously created. The request to access the mutex includes the objectidentifier (ID) that is requesting access to the mutex, the type ofaccess that is requested for the object and the time duration for whichthe mutex is requested. The type of access can be read, write, or readand write. The time duration of the request for the mutex indicates thelength of time that the mutex is required after an acknowledgment ofaccess is received.

Other APIs co-ordinate access between consumers identified as frequentaccessors to the mutex. These APIs are used when objects are accessed inhigh frequency and ping pong effects may occur across the variousconsumers. More details will be provided later.

Object management controller 1210 includes object management rules 1216and a request tracker 1218. The object management controller 1210 usesthe API interfaces 1212 to implement a communication flow with objectowners and object requestors.

Object mutex tracker 1220 includes mutex tracker 1226. The object mutextracker 1220 manages information stored in the mutex tracker 1226 thatrelates to objects that are being tracked by the switch 1202 and thecurrent owners of the mutexes for the tracked objects.

Synchronous secured VLAN 1224 includes secured VLAN 1228. A set of nodes(for example, nodes 1204A, 1204B) that belong to the same tenant orgroups of tenants can create a Synchronous VLAN. The switch 1202generates a private key 1238 that is part of the Synchronous VLAN andshared with tenants' applications participating in a synchronizationdomain. Tenants can access the intercept controller 1206, objectmanagement controller 1210 and object mutex tracker 1220 using theprivate key 1238. Resources can be partitioned based on a securitysensitivity rating. Different private keys may be correlated to thedifferent security sensitivity ratings. The switch 1202 can use theprivate key 1238 to perform the update based on the security sensitivityrating.

Nodes 1204A, 1204B include a network interface controller (NIC) 532,which may also be referred to as a host fabric interface (HFI). The NIC532 may be embodied as, or otherwise include, any type of integratedcircuit, discrete circuits, controller chips, chipsets, add-in-boards,daughtercards, network interface cards, or other devices that may beused by the node 1204A, 1204B to connect with another nodes 1204A,1204B. In some embodiments, the NIC 532 may be embodied as part of asystem-on-a-chip (SoC) that includes one or more processors, or includedon a multichip package that also contains one or more processors. Insome embodiments, the NIC 532 may include a local processor (not shown)and/or a local memory (not shown) that are both local to the NIC 532.The switch 1202 is configured to support unicast and multicastcommunication between the nodes 1204A, 1204B and the switch 1202.

Nodes 1204A, 1204B also include a processor 520 and a mutex applicationprogram interface (API) 1232. In the embodiment shown, node 1204Aincludes object owner 1230 and node 1204B includes object requester1234. The object owner 1230 and object requester 1234 can include theprivate key 1238.

For example, the operating system can translate mutex API 1232 cantranslate standard Linux mutex calls that are used to lock and unlock amutex for an object to a REST API that is used to configure the switchor the operating system can use a library that translates the standardLinux mutex calls to the REST API Standard Linux mutex calls includepthread_mutex_lock( ) pthread_mutex_unlock( ) and pthread_mutex_trylock() The mutex for the object can be locked by a call topthread_mutex_lock( ) unlocked by a call to pthread_mutex_unlock( ) andthe status of the mutex (locked, unlocked) can be obtained by a call topthread_mutex_trylock( ).

When the mutex for an object is owned by a first tenant, the firsttenant is the object owner 1230. When a second tenant wants access tothe object, the second tenant makes a request and becomes the objectrequestor. The object mutex controller 1214 negotiates the transfer ofownership from the first tenant to the second tenant.

To acquire a mutex, a node sends a packet with header fields indicatingtype of operation, topological information (tree index) of the otherprocesses, lease info etc. to the ingress circuitry 1240 in the switch1202. The response to the request to acquire the mutex are sent in apacket (a response packet) via egress circuitry 1208 in the switch 1202to the node. The switch 1202 can use Programmable Packet ProcessingPipeline (P4) to parse the header fields in the packet, use somestateful registers to record the mutex for the requesting node and thenproactively multicast the packet to the nodes. Before multicasting, theswitch 1202 can include a monotonically increasing number in the packetas a sequence number so that receiving nodes can differentiate the orderof requests for mutexes. In other embodiments, a node can send a querymessage first to the switch 1202 to check if there are existing lockedresources and to obtain the lease information for the locked resources.The lease information identifies when the locked resource is scheduledfor release.

FIG. 13 illustrates an example of an object management rules entry 1300in the object management rules 1216 in the object management controller1210 in the switch 1202. The object management rules entry 1300 in theobject management rules 1216 stores rules for an object that is owned ormanaged by an entity (for example, node 1204A). The object is identifiedby an object identifier 1302 that is stored in the object managementrules entry 1300. In an embodiment, the object identifier 1302 is aUniversally Unique Identifier (UUID), for example, a 36-characteralphanumeric string. The rules associated with the object identifier1302 can include a filtering rule 1304 and a network rule 1306.

The filtering rule 1304 can define a tenant (for example, User Equipment(UE) or a User Agent (UA) an entity that can access the objectidentified by the object identifier 1302 that is stored in the objectmanagement rules entry 1300. The filtering rule 1304 can be a Booleanrule (for example, the Boolean rule can describe resource dependencieswhere a first resource is allocated if a second resource is alsoallocated, for example, Allocate A IF (A and B) are allocated) definedbased on the requestors or other fields associated with requestors thatuse the mutex object (for example, other telemetry data that pertain tothe switch or the resources in the switch such as network addresses,network interfaces and network packets).

The network rule 1306 defines network-based filtering rules based onnetwork masks (for example, Subnet=10.34.x.x) or other network basedBoolean rules. Network masks is a routing technique that masks a portionof the network address so that multiple packets to different endpointscan be routed to the same network domain (for example,Subnet=10.34.x.x). Boolean rules (also referred to as Boolean algebra)can include routing logic and allocate all resources within the subnet10.34.x.x. An example of a network based Boolean rule is “IF Resource-A@ 10.34.x.x is available AND Resource-B @ 10.35.x.x is available THENrequest Resource-C @ 10.36.x.x”

FIG. 14 illustrates an example of a request tracker entry 1400 in therequest tracker 1218 in object management controller 1210 the switch1202. The request tracker entry 1400 includes an object identifier 1402,an object owner 1404 and a request tracker type 1406. In an embodiment,the object identifier 1302 is a UUID and the object owner 1404 is aUUID. The request tracker type 1406 stores the tracker mutex type, forexample, read or write mutex.

FIG. 15 illustrates an example of a mutex tracker entry 1500 in themutex tracker 1226 in the switch 1202. The mutex tracker entry 1500 inthe mutex tracker 1226 includes an object identifier 1502, a mutex owner1504 and duration and type of access to object 1506. The mutex trackerentry 1500 is used to request access to an object.

The object identifier 1502 stores an identifier for the object for whichthe mutex is being requested. In an embodiment, the object identifier1502 is a UUID. The mutex owner 1504 stores an identifier for the ownerof the mutex for the object. In an embodiment, the identifier for theowner of the mutex is a UUID.

The duration and type of mutex 1506 stores the type of access requestedfor the object and the length of time for which the mutex is requiredfor the object. The type of access can be read-only, write-only,read-write or read-modify-write access. The duration of the request forthe mutex for the object indicates the length of time that the object isrequired after an acknowledge is received. The length of time that theobject is required does not include latency associated with signaling toindicate that the object is locked.

FIG. 16 illustrates an example of a synchronous secured VLAN entry 1600in the synchronous secured VLAN 1224 in the switch 1202. The synchronoussecured VLAN entry 1600 is used to create secure synchronizationdomains. The synchronous secured VLAN entry 1600 includes a securevirtual local area network identifier 1602, a private key 1604 andtenants 1606. In an embodiment, the secure virtual local area networkidentifier 1602 is a Universally Unique Identifier (UUID), the privatekey 1604 stores the private key for the synchronous VLAN, and thetenants 1606 stores a list of UUIDs for tenants in the securesynchronization domain.

A synchronous secured VLAN can be created for a set of nodes owned bythe same tenant or groups of tenants. Intercept controller 1206 in theswitch 1202 authenticates object requests that use a tenant specific keyto establish a secure session to the switch 1202. The interceptcontroller 1206 in the switch 1202 generates the private key 1604 forthe synchronous secured VLAN. The private key 1604 is shared with thetenants' applications participating in the synchronous secured VLAN. Thesecure virtual local area network identifier 1602 for the synchronoussecured VLAN is used to generate and manage objects.

Tenants have access to mutexes using the private key 1604. The switch1202 uses the private key 1604 to update mutexes. Tenants may access avariety of resources/objects via mutexes where the tenants' identity isauthenticated using a private key 1604 (private key 1238). Use of asynchronous secured VLAN enables multiple mutex actions (lock/unlock)over multiple resources to occur in synchronized order due to thesynchronous secured VLAN having reliable transport properties.

FIG. 17 is a flow graph illustrating a method performed in the switch1202 to process a request received from a node 1204A, 1204B for a mutexfor an object. A mutex is a lock that is shared by multiple processes.The request for the mutex can be sent from the object requester 1234 innode 1204B via mutex API 1236 to the switch 1202. Mutex API 1236 cansend Request Mutex (object, type, duration) to the switch 1202 in apacket using a web application program interface (API). The interceptcontroller 1206 forwards the Request Mutex (object, type, duration)received in the packet to API interfaces 1212 in the switch 1202. Objectis the UUID for the object, type is the type of access (read, write, orread and write), duration is the length of time for which the mutex forthe object is required by the requester (for example, node 1204B).

At block 1700, object management controller 1210 checks network rule1306 in the object management rules entry 1300 in object managementrules 1216 for the requestor to determine if the requestor haspermission to access the object. Network rule 1306 is a networkfiltering rule. Examples of network filtering rules include did therequest arrive over the anticipated network interface or subnet (asspecified by a subnet mask) or did the request arrive via an expectedapplication protocol such as TCP Port 80.

If the requestor has permission, processing continues with block 1702.If the requestor does not have permission, processing continues withblock 1720.

At block 1702, the mutex owner 1504 for the object (object identifier1502) in the mutex tracker 1226 is read to determine if the object islocked. If the object is locked, processing continues with block 1710.If the object is not locked, processing continues with block 1704.

At block 1704, the owner of the mutex for the object is updated.Processing continues with block 1706.

At block 1706, if the owner of the object requires an update when themutex for the object is requested, processing continues with block 1708.If not, processing continues with block 1720.

At block 1708, a notification is sent to the owner of the object.Processing continues with block 1720.

At block 1710, if the timer for the owner of the mutex has expired,processing continues with block 1718. If not, processing continues withblock 1714.

At block 1712, the timer for the last owner of the mutex has expired,the mutex is released. A notification to the last owner of the mutex canbe generated. Processing continues with block 1704.

At block 1714, the timer for the last mutex has not expired. If theobject owner has provided a release time for the object that hasexpired, a forced release is required, processing continues with block1716.

At block 1716, a notification is sent to the current owner of the mutex.Processing continues with block 1712 to release the mutex.

At block 1718, the requestor does not have permission to access themutex object, a NACK message is generated and returned to the requester.Typically, a NACK message includes a session identifier that wassupplied in the original request. The NACK message includes a negativeacknowledgement as to the original request. For example, if the originalrequest was to obtain a mutex for resource X, the NACK messageidentifies resource X and indicates failure to obtain the mutex.

At block 1720, a timer is configured with the duration of the mutexprovided by the requestor in the request for the mutex. Processingcontinues with block 1722.

At block 1722, the requester of the mutex for the object is notifiedthat access to the mutex for the object is accepted.

Flow diagrams as illustrated herein provide examples of sequences ofvarious process actions. The flow diagrams can indicate operations to beexecuted by a software or firmware routine, as well as physicaloperations. In one embodiment, a flow diagram can illustrate the stateof a finite state machine (FSM), which can be implemented in hardwareand/or software. Although shown in a particular sequence or order,unless otherwise specified, the order of the actions can be modified.Thus, the illustrated embodiments should be understood only as anexample, and the process can be performed in a different order, and someactions can be performed in parallel. Additionally, one or more actionscan be omitted in various embodiments; thus, not all actions arerequired in every embodiment. Other process flows are possible.

To the extent various operations or functions are described herein, theycan be described or defined as software code, instructions,configuration, and/or data. The content can be directly executable(“object” or “executable” form), source code, or difference code(“delta” or “patch” code). The software content of the embodimentsdescribed herein can be provided via an article of manufacture with thecontent stored thereon, or via a method of operating a communicationinterface to send data via the communication interface. A non-transitorymachine-readable storage media can cause a machine to perform thefunctions or operations described, and includes any mechanism thatstores information in a form accessible by a machine (e.g., computingdevice, electronic system, etc.), such as recordable/non-recordablemedia (e.g., read only memory (ROM), random access memory (RAM),magnetic disk storage media, optical storage media, flash memorydevices, etc.). A communication interface includes any mechanism thatinterfaces to any of a hardwired, wireless, optical, etc., medium tocommunicate to another device, such as a memory bus interface, aprocessor bus interface, an Internet connection, a disk controller, etc.The communication interface can be configured by providing configurationparameters and/or sending signals to prepare the communication interfaceto provide a data signal describing the software content. Thecommunication interface can be accessed via one or more commands orsignals sent to the communication interface.

Various components described herein can be a means for performing theoperations or functions described. Each component described hereinincludes software, hardware, or a combination of these. The componentscan be implemented as software modules, hardware modules,special-purpose hardware (e.g., application specific hardware,application specific integrated circuits (ASICs), digital signalprocessors (DSPs), etc.), embedded controllers, hardwired circuitry,etc.

Besides what is described herein, various modifications can be made tothe disclosed embodiments and implementations of the invention withoutdeparting from their scope.

Therefore, the illustrations and examples herein should be construed inan illustrative, and not a restrictive sense. The scope of the inventionshould be measured solely by reference to the claims that follow.

What is claimed is:
 1. A switch, the switch comprising: an interceptcontroller to receive a packet from one of a plurality of nodes, thepacket to include a request to acquire a mutex for an object shared bytwo or more of the plurality of nodes; and a mutex controller to processthe request to acquire the mutex for the object forwarded from theintercept controller, the mutex controller to provide access to theobject to the one of the plurality of nodes if the mutex for the objectis not being used and to reject the request to acquire the mutex for theobject if the mutex for the object is being used.
 2. The switch of claim1, wherein the packet includes a web Application Program Interface thatincludes the request for the mutex for the object.
 3. The switch ofclaim 1, wherein the switch is configured to support unicast andmulticast communication between the plurality of nodes and the switch.4. The switch of claim 1, wherein a response to the request to acquirethe mutex is multicast in a response packet transmitted to the pluralityof nodes.
 5. The switch of claim 1, wherein a node to send a querymessage to check if the object is locked and if the object is locked toobtain lease information to identify when the object is scheduled forrelease.
 6. The switch of claim 1, wherein the request to acquire amutex for an object includes a type of access for the object.
 7. Theswitch of claim 6, wherein the type of access for the object isread-only, write-only, read-write, or read-modify-write.
 8. A datacenter comprising: a plurality of nodes, each node including a networkinterface controller; and a switch, the switch comprising: an interceptcontroller to receive a packet from one of the plurality of nodes, thepacket to include a request to acquire a mutex for a resource shared bytwo or more of the plurality of nodes; and a mutex controller to processthe request for the mutex for the resource forwarded from the interceptcontroller, the mutex controller to provide access to the resource tothe one of the plurality of nodes if the mutex for the resource is notbeing used and to reject the request to acquire the mutex for theresource if the mutex for the resource is being used.
 9. The data centerof claim 8, wherein the switch is a top of rack switch or a spineswitch.
 10. The data center of claim 8, wherein the resource is anobject, data block, or a network resource.
 11. The data center of claim8, wherein the packet includes a web Application Program Interface thatincludes the request for the mutex for the resource.
 12. The data centerof claim 8, wherein the switch is configured to support unicast andmulticast communication between the plurality of nodes and the switch.13. The data center of claim 8, wherein a response to the request toacquire the mutex is multicast in a response packet transmitted to theplurality of nodes.
 14. The data center of claim 8, wherein a node tosend a query message to check if the resource is locked and if theresource is locked to obtain lease information to identify when theresource is scheduled for release.
 15. One or more non-transitorymachine-readable storage media comprising a plurality of instructionsstored thereon that, in response to being executed, cause a system to:receive a packet from one of a plurality of nodes, the packet to includea request to acquire a mutex for an object shared by two or more of theplurality of nodes; and process the request to acquire the mutex for theobject to provide access to the object to the one of the plurality ofnodes if the mutex for the object is not being used and to reject therequest to acquire the mutex for the object if the mutex for the objectis being used.
 16. The one or more non-transitory machine-readablestorage media of claim 15, wherein the packet includes a web ApplicationProgram Interface that includes the request for the mutex for theobject.
 17. The one or more non-transitory machine-readable storagemedia of claim 15, wherein the system is configured to support unicastand multicast communication between the plurality of nodes and thesystem.
 18. The one or more non-transitory machine-readable storagemedia of claim 15, wherein a response to the request to acquire themutex is multicast in a response packet transmitted to the plurality ofnodes.
 19. The one or more non-transitory machine-readable storage mediaof claim 15, wherein a node to send a query message to check if theobject is locked and if the object is locked to obtain lease informationto identify when the object is scheduled for release.
 20. The one ormore non-transitory machine-readable storage media of claim 15, whereinthe request to acquire a mutex for an object includes a type of accessfor the object.
 21. The one or more non-transitory machine-readablestorage media of claim 20, wherein the type of access for the object isread-only, write-only, read-write or read-modify-write.